Security Analyst (R12104)
Remote MX
Oportun
ABOUT OPORTUN
Oportun (Nasdaq: OPRT) is a digital banking platform that puts its 2.2 million members' financial goals within reach. With intelligent borrowing and savings, Oportun empowers members with the confidence to build a better financial future. Since inception, Oportun has provided more than $17.8 billion in responsible and affordable credit, saved its members more than $2.3 billion in interest and fees, and helped our members save an average of more than $1,800 annually. For more information, visit Oportun.com.
WORKING AT OPORTUN
Working at Oportun means enjoying a differentiated experience of being part of a team that fosters a diverse, equitable and inclusive culture where we all feel a sense of belonging and are encouraged to share our perspectives. This inclusive culture is directly connected to our organization's performance and ability to fulfill our mission of delivering affordable credit to those left out of the financial mainstream. We celebrate and nurture our inclusive culture through our employee resource groups.
We are seeking a Security Analyst with a focus on supply chain or third-party risk management to join the team. The Security Analyst will assist in managing third party risk in accordance with the Third-Party Risk Management Policy and Third-Party Security Standard, primarily in identification and analysis of risks and proposing risk treatments appropriate to the risk severity and overarching business objectives.
RESPONSIBILITIES
- Evaluating evidence such as assessments, reports, questionnaires, etc.
- Identifying and proposing risk treatment methods that mitigate risk while facilitating the overarching business objective
- Writing assessment reports containing risk-based and context-specific evaluations and
- Other duties as assigned
Security Analyst must have the following knowledge, skills and abilities:
- Excellent communication skills (verbal and written)
- Fluency in English and Spanish
- Strong analytical skills
- Ability to understand use cases and business objectives
- Ability to communicate with diverse stakeholders including business and technical leaders
- Experience evaluating risks and writing risk statements
- Familiarity with common productivity tools including Microsoft Office365 and Jira
- Familiarity with security industry frameworks (NIST CSF, ISO 27001, etc.)
- Familiarity with regulatory requirements and compliance reporting/audits (AICPA reports such as SOC 1/2/3, Federal Trade Commissions Safeguards Rule, PCI-DSS v4.0, etc.)
- Understanding of security tools, techniques, and best practices including asset preservation, asset configuration, data protection at rest, data protection in transit, physical security, secure development, and continuity of operations
- Ability to adapt to a fast-paced high-volume environment
- High attention to detail and strong organizational skills
- Willingness and ability to learn new skills and methodologies
REQUIREMENTS
- Bachelor’s Degree in related field
- 3-5 combined years of experience in Technology and/or Security Governance, Risk, and Compliance
- Security industry certification (CompTIA, SANS, ISACA, ISC2, Microsoft, AWS, etc.)
#LI-REMOTE
#LI-GK1
We are proud to be an Equal Opportunity Employer and consider all qualified applicants for employment opportunities without regard to race, age, color, religion, gender, national origin, disability, sexual orientation, veteran status or any other category protected by the laws or regulations in the locations where we operate.
California applicants can find a copy of Oportun's CCPA Notice here: https://oportun.com/privacy/california-privacy-notice/.
We will never request personal identifiable information (bank, credit card, etc.) before you are hired. We do not charge you for pre-employment fees such as background checks, training, or equipment. If you think you have been a victim of fraud by someone posing as us, please report your experience to the FBI’s Internet Crime Complaint Center (IC3).
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits AWS Banking CCPA Compliance CompTIA Governance ISACA ISO 27001 Jira NIST Privacy Risk management SANS SOC SOC 1 SOC 2 SOC 3
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs